Period
to 9 April 2020

The following table provides summary statistics for contract job vacancies with a requirement for PCI DSS skills. Included is a benchmarking guide to the contractor rates offered in vacancies that have cited PCI DSS over the 6 months to 9 April 2020 with a comparison to the same period in the previous 2 years.

Note that daily and hourly rates are treated separately in these statistics. When calculating contractor rate percentiles, daily rates are never derived from quoted hourly rates or vice versa.

Payment Card Industry Data Security Standard (PCI DSS)
UK
6 months to
9 Apr 2020
Same period 2019 Same period 2018
Rank 486 466 380
Rank change year-on-year -20 -86 +12
Contract jobs citing PCI DSS 212 468 651
As % of all contract jobs advertised in the UK 0.35% 0.48% 0.64%
As % of the Quality Assurance & Compliance category 3.46% 4.49% 5.12%
Number of daily rates quoted 125 306 414
Median daily rate £488 £513 £500
Median daily rate % change year-on-year -4.88% +2.50% +5.26%
10th Percentile £325 £363 £338
90th Percentile £695 £731 £663
UK excluding London median daily rate £450 £488 £425
% change year-on-year -7.74% +14.76% -7.61%
Number of hourly rates quoted 3 2 3
Median hourly rate £35.00 £29.00 £60.00
Median hourly rate % change year-on-year +20.69% -51.67% -
UK excluding London median hourly rate £55.00 £23.00 £52.50
% change year-on-year +139.13% -56.19% -

PCI DSS is in the Quality Assurance and Compliance category. The following table is for comparison with the above and provides summary statistics for all contract job vacancies with a requirement for quality assurance or compliance skills.

All Quality Assurance and Compliance Skills
UK
Contract vacancies with a requirement for quality assurance or compliance skills 6,120 10,420 12,707
As % of all contract IT jobs advertised in the UK 10.10% 10.76% 12.59%
Number of daily rates quoted 3,687 6,513 8,172
Median daily rate £450 £450 £450
10th Percentile £220 £250 £258
90th Percentile £638 £650 £638
UK excluding London median daily rate £425 £425 £400
% change year-on-year - +6.25% -
Number of hourly rates quoted 287 353 360
Median hourly rate £24.50 £21.76 £22.25
Median hourly rate % change year-on-year +12.59% -2.20% +3.49%
10th Percentile £13.55 £11.00 £12.23
90th Percentile £52.70 £48.75 £57.50
Median hourly rate £22.55 £20.25 £24.56
% change year-on-year +11.36% -17.57% +17.12%

PCI DSS
Job Vacancy Trend

Job postings citing PCI DSS as a proportion of all IT jobs advertised.

Job vacancy trend for PCI DSS in the UK

PCI DSS
Contractor Daily Rate Trend

3-month moving average daily rate quoted in jobs citing PCI DSS.

Daily rate trend for PCI DSS in the UK

PCI DSS
Daily Rate Histogram

Daily rate distribution for jobs citing PCI DSS over the 6 months to 9 April 2020.

Daily rate histogram for PCI DSS in the UK

PCI DSS
Contractor Hourly Rate Trend

3-month moving average hourly rates quoted in jobs citing PCI DSS.

Hourly rate trend for PCI DSS in the UK

PCI DSS
Hourly Rate Histogram

Hourly rate distribution of jobs citing PCI DSS over the 6 months to 9 April 2020.

Hourly rate histogram for PCI DSS in the UK

PCI DSS
Top 15 Contract Locations

The table below looks at the demand and provides a guide to the median contractor rates quoted in IT jobs citing PCI DSS within the UK over the 6 months to 9 April 2020. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Contract
IT Job Ads
Median
Daily Rate
Past 6 Months
Median Daily Rate
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -22 186 £515 +0.48% 48
UK excluding London +39 157 £450 -7.74% 42
South East +57 57 £488 -2.50% 9
London +22 54 £550 -8.33% 7
North of England +58 34 £550 +22.22% 18
Scotland +40 24 £450 -25.00%
East of England +25 20 £410 -20.00% 3
Yorkshire +61 17 £550 +33.33% 5
North West +46 17 £563 +4.65% 13
South West +13 13 £375 -11.76% 4
Midlands +30 8 £635 +49.41% 7
West Midlands +37 5 £481 +13.24% 5
East Midlands +31 3 £675 +141.07% 2
Wales +22 1 £363 -38.03% 1
Work from Home +1 1 - - 2

For the 6 months to 9 April 2020, IT contractor jobs citing PCI DSS also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all contract job ads with a requirement for PCI DSS.

1 99 (46.70%) Information Security
2 98 (46.23%) ISO/IEC 27001
3 65 (30.66%) CISSP
4 57 (26.89%) GDPR
5 55 (25.94%) CISM
6 50 (23.58%) AWS
7 41 (19.34%) Azure
8 34 (16.04%) Linux
8 34 (16.04%) Risk Management
8 34 (16.04%) Finance
9 32 (15.09%) Windows
9 32 (15.09%) SIEM
10 30 (14.15%) CISA
10 30 (14.15%) Public Sector
11 29 (13.68%) NIST
11 29 (13.68%) Firewall
12 28 (13.21%) Cybersecurity
13 26 (12.26%) Security Architecture
14 25 (11.79%) Degree
14 25 (11.79%) Problem-Solving
15 24 (11.32%) Vulnerability Management
16 23 (10.85%) Retail
16 23 (10.85%) ITIL
17 22 (10.38%) Microsoft
18 21 (9.91%) Stakeholder Management
18 21 (9.91%) Analytical Skills
18 21 (9.91%) Security Monitoring
18 21 (9.91%) Security Operations
19 20 (9.43%) Agile Software Development
19 20 (9.43%) Intrusion Detection

PCI DSS
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 7 (3.30%) Apache
2 6 (2.83%) Elasticsearch
3 4 (1.89%) Apache Spark
3 4 (1.89%) IIS
4 2 (0.94%) CMS
4 2 (0.94%) Confluence
4 2 (0.94%) JBoss
4 2 (0.94%) SharePoint
4 2 (0.94%) Tomcat
5 1 (0.47%) Commerce Server
5 1 (0.47%) Drupal
5 1 (0.47%) WebSphere
Applications
1 3 (1.42%) Microsoft Office
2 2 (0.94%) Microsoft Excel
3 1 (0.47%) Acrobat
3 1 (0.47%) FrameMaker
3 1 (0.47%) MS Visio
3 1 (0.47%) Photoshop
3 1 (0.47%) Snagit
Business Applications
1 13 (6.13%) Payment Gateway
2 6 (2.83%) Oracle Procure-to-Pay
3 5 (2.36%) SAP GRC
4 4 (1.89%) Oracle Assets
4 4 (1.89%) Oracle General Ledger
4 4 (1.89%) Oracle Payables
4 4 (1.89%) Oracle Receivables
5 2 (0.94%) Magento
5 2 (0.94%) SAP Oil and Gas
6 1 (0.47%) Dynamics CRM
Cloud Services
1 50 (23.58%) AWS
2 41 (19.34%) Azure
3 17 (8.02%) Office 365
4 10 (4.72%) GCP
5 4 (1.89%) Oracle CX
6 2 (0.94%) Amazon CloudWatch
6 2 (0.94%) AWS Lambda
6 2 (0.94%) Azure Active Directory
6 2 (0.94%) Datadog
6 2 (0.94%) PaaS
6 2 (0.94%) SaaS
6 2 (0.94%) Serverless
7 1 (0.47%) Firebase
7 1 (0.47%) IaaS
7 1 (0.47%) OpenShift
7 1 (0.47%) Twilio
7 1 (0.47%) Virtual Private Cloud
7 1 (0.47%) Yammer
Communications & Networking
1 29 (13.68%) Firewall
2 20 (9.43%) Intrusion Detection
3 16 (7.55%) TCP/IP
4 15 (7.08%) Internet
5 14 (6.60%) DNS
5 14 (6.60%) Network Security
6 9 (4.25%) HTTP
6 9 (4.25%) SMTP
6 9 (4.25%) VPN
7 7 (3.30%) LAN
7 7 (3.30%) VoIP
7 7 (3.30%) WAN
8 6 (2.83%) SSL
8 6 (2.83%) Wireless
9 5 (2.36%) Kerberos
10 4 (1.89%) iSCSI
11 3 (1.42%) Cisco Nexus
11 3 (1.42%) DHCP
11 3 (1.42%) NFC
11 3 (1.42%) WLAN
Database & Business Intelligence
1 7 (3.30%) Big Data
2 4 (1.89%) MySQL
3 3 (1.42%) SQL Server
4 2 (0.94%) Apache Cassandra
4 2 (0.94%) Data Lake
4 2 (0.94%) Redis
5 1 (0.47%) SQL Server Analysis Services
5 1 (0.47%) SQL Server Reporting Services
Development Applications
1 4 (1.89%) Jenkins
2 3 (1.42%) JIRA
3 1 (0.47%) Artifactory
3 1 (0.47%) Bitbucket
3 1 (0.47%) Git (software)
3 1 (0.47%) GitLab
3 1 (0.47%) SonarQube
3 1 (0.47%) Sonatype Nexus
3 1 (0.47%) Team Foundation Server
3 1 (0.47%) TestRail
General
1 34 (16.04%) Finance
2 30 (14.15%) Public Sector
3 23 (10.85%) Retail
4 11 (5.19%) Legal
5 9 (4.25%) Telecoms
6 5 (2.36%) Back Office
6 5 (2.36%) Manufacturing
6 5 (2.36%) Marketing
7 3 (1.42%) Banking
7 3 (1.42%) Electronics
7 3 (1.42%) French Language
7 3 (1.42%) German Language
7 3 (1.42%) Spanish Language
8 1 (0.47%) Advertising
8 1 (0.47%) Automotive
8 1 (0.47%) Russian Language
Job Titles
1 40 (18.87%) Consultant
2 37 (17.45%) Security Consultant
3 35 (16.51%) Architect
4 34 (16.04%) Analyst
5 26 (12.26%) Security Analyst
6 23 (10.85%) Security Architect
7 16 (7.55%) Security Engineer
8 11 (5.19%) IT Analyst
8 11 (5.19%) IT Security Analyst
9 10 (4.72%) Information Security Consultant
9 10 (4.72%) Security Manager
10 9 (4.25%) Information Manager
10 9 (4.25%) Information Security Manager
11 8 (3.77%) Business Analyst
11 8 (3.77%) Service Manager
12 7 (3.30%) Security Specialist
13 6 (2.83%) Delivery Manager
13 6 (2.83%) Information Analyst
13 6 (2.83%) Information Security Analyst
13 6 (2.83%) Service Delivery Manager
Libraries, Frameworks & Software Standards
1 10 (4.72%) Web Services
2 6 (2.83%) Oracle Fusion
2 6 (2.83%) SAML
3 5 (2.36%) Elastic Stack
3 5 (2.36%) Middleware
4 4 (1.89%) Kafka
4 4 (1.89%) LAMP
5 2 (0.94%) .NET
5 2 (0.94%) CSS
5 2 (0.94%) HTML
5 2 (0.94%) HTML5
5 2 (0.94%) jQuery
5 2 (0.94%) JSON
5 2 (0.94%) LEMP Stack
5 2 (0.94%) Memcached
5 2 (0.94%) RabbitMQ
5 2 (0.94%) XML
6 1 (0.47%) LDAP
6 1 (0.47%) OAuth
6 1 (0.47%) Symfony
Miscellaneous
1 21 (9.91%) Analytical Skills
2 16 (7.55%) PKI
3 12 (5.66%) Management Information System
3 12 (5.66%) Public Cloud
4 10 (4.72%) Self-Motivation
5 6 (2.83%) Mobile App
6 5 (2.36%) Data Centre
6 5 (2.36%) Security Operations Centre
7 4 (1.89%) Distributed Denial-of-Service
7 4 (1.89%) Greenfield Project
7 4 (1.89%) PMI
8 3 (1.42%) Chip and PIN
8 3 (1.42%) Data Protection Act
8 3 (1.42%) Fibre Optics
8 3 (1.42%) Hybrid Cloud
8 3 (1.42%) Smartcard
9 2 (0.94%) Cyberthreat
9 2 (0.94%) iSeries
9 2 (0.94%) Linux Command Line
9 2 (0.94%) SWIFT
Operating Systems
1 34 (16.04%) Linux
2 32 (15.09%) Windows
3 11 (5.19%) Windows Server
4 7 (3.30%) Unix
5 4 (1.89%) Red Hat Enterprise Linux
5 4 (1.89%) Windows Server 2008
6 3 (1.42%) Android
6 3 (1.42%) Windows Server 2012
6 3 (1.42%) Windows Server 2016
7 2 (0.94%) CentOS
7 2 (0.94%) Oracle Linux
7 2 (0.94%) OS/400
7 2 (0.94%) Windows 10
7 2 (0.94%) Windows 7
8 1 (0.47%) Apple iOS
8 1 (0.47%) Mac OS
8 1 (0.47%) Mac OS X
8 1 (0.47%) Solaris
8 1 (0.47%) VMS
Processes & Methodologies
1 99 (46.70%) Information Security
2 34 (16.04%) Risk Management
3 32 (15.09%) SIEM
4 28 (13.21%) Cybersecurity
5 26 (12.26%) Security Architecture
6 25 (11.79%) Problem-Solving
7 24 (11.32%) Vulnerability Management
8 23 (10.85%) ITIL
9 21 (9.91%) Security Monitoring
9 21 (9.91%) Security Operations
9 21 (9.91%) Stakeholder Management
10 20 (9.43%) Agile Software Development
11 19 (8.96%) Security Management
12 18 (8.49%) Penetration Testing
13 16 (7.55%) DevOps
14 15 (7.08%) Project Delivery
15 14 (6.60%) Identity Access Management
15 14 (6.60%) OWASP
16 13 (6.13%) Threat Analysis
17 12 (5.66%) Threat Modelling
Programming Languages
1 11 (5.19%) Java
2 10 (4.72%) Python
3 7 (3.30%) PowerShell
4 4 (1.89%) JavaScript
4 4 (1.89%) SQL
5 3 (1.42%) PHP
6 2 (0.94%) Bash Shell
6 2 (0.94%) C
6 2 (0.94%) C#
6 2 (0.94%) C++
6 2 (0.94%) Perl
6 2 (0.94%) Ruby
7 1 (0.47%) Kotlin
7 1 (0.47%) Shell Script
Qualifications
1 65 (30.66%) CISSP
2 55 (25.94%) CISM
3 30 (14.15%) CISA
4 25 (11.79%) Degree
5 15 (7.08%) Security Cleared
6 10 (4.72%) CompTIA Security+
7 8 (3.77%) Cisco Certification
7 8 (3.77%) MCSE
7 8 (3.77%) Microsoft Certification
8 7 (3.30%) CEH
8 7 (3.30%) CESG Certified Professional
8 7 (3.30%) Computer Science Degree
9 6 (2.83%) ISO 27001 Lead Auditor
9 6 (2.83%) PCI QSA
9 6 (2.83%) SC Cleared
10 5 (2.36%) CLAS
10 5 (2.36%) MCP
10 5 (2.36%) MCSA
10 5 (2.36%) SANS
11 4 (1.89%) CCSP
Quality Assurance & Compliance
1 98 (46.23%) ISO/IEC 27001
2 57 (26.89%) GDPR
3 29 (13.68%) NIST
4 14 (6.60%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
4 14 (6.60%) Sarbanes-Oxley
5 7 (3.30%) COBIT
5 7 (3.30%) Cyber Essentials
5 7 (3.30%) SLA
6 6 (2.83%) HIPAA
6 6 (2.83%) ISAE 3402
6 6 (2.83%) QA
7 5 (2.36%) ISO 9001
7 5 (2.36%) PSD2
8 3 (1.42%) NCSC
9 2 (0.94%) Cyber Essentials PLUS
9 2 (0.94%) FISMA
9 2 (0.94%) NIST 800
10 1 (0.47%) Disclosure Scotland
10 1 (0.47%) ISO 22301
10 1 (0.47%) ISO/IEC 27005
System Software
1 14 (6.60%) Active Directory
2 13 (6.13%) VMware Infrastructure
3 6 (2.83%) Docker
4 4 (1.89%) NFS
5 2 (0.94%) vCloud
5 2 (0.94%) vSphere
Systems Management
1 6 (2.83%) Computer Emergency Response Teams
1 6 (2.83%) Terraform
2 5 (2.36%) Ansible
2 5 (2.36%) Kibana
2 5 (2.36%) Opscode Chef
2 5 (2.36%) Puppet
2 5 (2.36%) RSA Archer
3 4 (1.89%) Kubernetes
3 4 (1.89%) logstash
4 3 (1.42%) Istio
4 3 (1.42%) Nessus
4 3 (1.42%) QRadar
5 2 (0.94%) Nagios
5 2 (0.94%) Oracle Identity Management
5 2 (0.94%) vRealize
6 1 (0.47%) Grafana
6 1 (0.47%) HP Fortify
6 1 (0.47%) Packer
6 1 (0.47%) Single Sign-On
6 1 (0.47%) Trend Micro Deep Security
Vendors
1 22 (10.38%) Microsoft
2 20 (9.43%) Cisco
3 19 (8.96%) VMware
4 15 (7.08%) Oracle
5 10 (4.72%) Splunk
6 9 (4.25%) Google
7 8 (3.77%) SAP
8 6 (2.83%) Meraki
9 5 (2.36%) CheckPoint
9 5 (2.36%) ServiceNow
10 4 (1.89%) Cloudera
10 4 (1.89%) McAfee
10 4 (1.89%) Palo Alto
10 4 (1.89%) Red Hat
11 3 (1.42%) Ingenico
11 3 (1.42%) Tripwire
12 2 (0.94%) ArcSight
12 2 (0.94%) CA
12 2 (0.94%) Salesforce.com
12 2 (0.94%) Sun